VYPR

Lil HTTP Server

by Summit Computer Networks

CVEs (4)

  • CVE-2002-1008Oct 4, 2002
    risk 0.04cvss epss 0.07

    Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlcount.cgi that contains the script, which is not filtered when the REPORT…

  • CVE-2002-1009Oct 4, 2002
    risk 0.04cvss epss 0.07

    Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters.

  • CVE-2002-2076Dec 31, 2002
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in Lil' HTTP server 2.1 and 2.2 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request.

  • CVE-2002-0304May 31, 2002
    risk 0.00cvss epss 0.02

    Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request.